Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Ffjpeg'
2022-05-05
CVE-2022-28471
CWE-190
In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. This is due to the incomplete patch for issue 38
2022-03-10
CVE-2021-34122
CWE-476
The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.
2022-02-11
CVE-2021-45385
CWE-476
A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438.
2022-02-08
CVE-2021-44956
CWE-787
Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.
CVE-2021-44957
CWE-120
Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.
2021-05-18
CVE-2020-23851
CWE-787
A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image.
CVE-2020-23852
CWE-787
A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image.
2020-07-01
CVE-2020-15470
CWE-787
ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c.
2020-05-24
CVE-2020-13440
CWE-787
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
CVE-2020-13439
CWE-125
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Ffjpeg' 
Polish
English